package com.blkj.iam.shared.client.controller;

import cn.dev33.satoken.context.SaHolder;
import cn.dev33.satoken.sso.processor.SaSsoServerProcessor;
import cn.dev33.satoken.util.SaResult;
import cn.hutool.json.JSONArray;
import cn.hutool.json.JSONObject;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.blkj.iam.common.constant.SsoConstants;
import com.blkj.iam.shared.client.service.SsoUserService;
import com.blkj.iam.system.model.entity.User;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.annotation.Resource;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import java.util.Map;

/**
 * @description: 对外提供接口
 * @author: Ethan
 * @create: 2025-04-11
 **/
@Tag(name = "对外提供接口")
@RestController
@RequestMapping("/api/v1")
public class SsoUserController {

    @Resource
    private SsoUserService ssoUserService;


    private static SaResult checkSign() {
        try {
            // 校验签名：只有拥有正确秘钥发起的请求才能通过校验
            String client = SaHolder.getRequest().getHeader(SsoConstants.CLIENT);
            SaSsoServerProcessor.instance.ssoServerTemplate.getSignTemplate(client).checkRequest(SaHolder.getRequest());
            return SaResult.ok();
        } catch (Exception e) {
            return SaResult.error("签名校验失败");
        }
    }


    @RequestMapping("/getUserInfo")
    public SaResult getUserInfo(String loginId) {
        SaResult signResult = checkSign();
        if (signResult.getCode() != 200) {
            return signResult;
        }

        JSONObject userObj = ssoUserService.getUserInfo(loginId);
        return SaResult.ok().setData(userObj);
    }

    @RequestMapping("/getPermCode")
    public SaResult getPermCode(String loginId) {
        SaResult signResult = checkSign();
        if (signResult.getCode() != 200) {
            return signResult;
        }

        JSONObject userObj = ssoUserService.getPermCode(loginId);
        return SaResult.ok().setData(userObj);
    }

    @RequestMapping("/getUserPermission")
    public SaResult getUserPermission(String loginId) {
        SaResult signResult = checkSign();
        if (signResult.getCode() != 200) {
            return signResult;
        }

        JSONObject userObj = ssoUserService.getPermMenu(loginId);
        return SaResult.ok().setData(userObj);
    }

    @RequestMapping("/getUserRole")
    public SaResult getUserRole(String loginId) {
        SaResult signResult = checkSign();
        if (signResult.getCode() != 200) {
            return signResult;
        }

        JSONArray userRole = ssoUserService.getUserRole(loginId);
        return SaResult.ok().setData(userRole);
    }

    @RequestMapping("/getUserPermList")
    public SaResult getUserPermList(String loginId) {
        SaResult signResult = checkSign();
        if (signResult.getCode() != 200) {
            return signResult;
        }

        JSONArray userPermList = ssoUserService.getUserPermList(loginId);
        return SaResult.ok().setData(userPermList);
    }

    @RequestMapping("/user/listAll")
    public SaResult getUserList(@RequestParam Map<String, Object> params) {
        SaResult signResult = checkSign();
        if (signResult.getCode() != 200) {
            return signResult;
        }

        Page<User> userPage = ssoUserService.getUserList(params);
        return SaResult.ok().setData(userPage);
    }
}
